Newsletters: Newsbites

SANS NewsBites is a semiweekly high-level executive summary of the most important news articles that have been published on computer security during the last week. Each news item is very briefly summarized and includes a reference on the web for detailed information, if possible.

Spend five minutes per week to keep up with the high-level perspective of all the latest security news. New issues are delivered free every Tuesday and Friday.

If it's on your schedule to get authoritative training this quarter, why not choose the spectacular Arizona desert and come to SANS Phoenix 2011 at the end of this month for immersion-style, skills-based training by some of the nation's leading experts? Added Bonus: The temperature is in the 70s. http://www.sans.org/info/69694

[Editor's Note (Schultz): The fact that organizations, including organizations that have claimed to have implemented so-called "best practices," are often terribly slow in detecting major, sustained attacks against them never ceases to amaze me.]

2) 19 days left to take advantage of $400 Early Bird savings, SANS Northern Virginia 2011 http://www.sans.org/info/69698

THE REST OF THE WEEK'S NEWS

Irish Job Site Breach (February 10, 2011)

A security breach at the RecruitIreland.com employment website exposed personally identifiable information of 400,000 job hunters. The site was taken offline for several hours and the database was shut down to prevent cyber thieves from accessing additional information. It appears that the breach was prompted by the search for names and email addresses to use for spamming. Some of those whose information was stolen have reported receiving email messages attempting to recruit them as money mules. The Irish Data Protection Commissioner and the Gardai (the Irish police force) have been notified of the incident, and both internal and external investigations are underway.
-http://www.net-security.org/secworld.php?id=10567
-http://www.theregister.co.uk/2011/02/10/job_site_breach/

[Editor's Comment (Northcutt): Nifty bit of social engineering, but the cat is out of the bag, I just used Google to search for the first three octets of the key "46 DC EA" and got 84,000 hits, I am sure they are not all the key, but spot checking out to page 5 appear to all be the key.]

As if the gaffe above weren't trouble enough, Sony is also facing allegations that the Blu-Ray player in the PlayStation 3 gaming console breaches patents held by LG Electronics. In a complaint filed with the International Trade Commission, South Korea-based LG claims violation of two patents associated with Blu-Ray data rendering. LG is seeking to block imports of the PS3 and some Sony Bravia televisions. The claim filed by LG follows a claim from Sony against LG that some of its phones violate Sony patents.
-http://www.wired.com/threatlevel/2011/02/sony-victim-or-infringer/
-http://www.pcmag.com/article2/0,2817,2379689,00.asp

Two councils have been fined a total of GBP 150,000 (US $241,000) for failing to encrypt patient data on laptops that were later stolen from an employee's home. The breach affected 1,700 people. While there is no evidence that the information has been misused, the fines were levied by the Information Commissioner's Office (ICO) for violations of the Data Protection Act. Failure to encrypt the laptops also breached council policy.
-http://www.theregister.co.uk/2011/02/08/ico_fines_two_councils_over_unencrypted_laptop_thefts/

[Editor's Note (Honan): Given the prevalence of viruses which spread via USB keys and other portable media, we may find by disabling AutoRun that this will be one of the most important recent patches issued by Microsoft.]

The Editorial Board of SANS NewsBites

Eugene Schultz, Ph.D., CISM, CISSP, GLSC is CTO of Emagined Security and the author/co-author of books on Unix security, Internet security, Windows NT/2000 security, incident response, and intrusion detection and prevention. He was also the co-founder and original project manager of the Department of Energy's Computer Incident Advisory Capability (CIAC).

John Pescatore is Vice President at Gartner Inc.; he has worked in computer and network security since 1978.

Stephen Northcutt founded the GIAC certification and currently serves as President of the SANS Technology Institute, a post graduate level IT Security College, www.sans.edu.

Dr. Johannes Ullrich is Chief Technology Officer of the Internet Storm Center and Dean of the Faculty of the graduate school at the SANS Technology Institute.

Ed Skoudis is co-founder of Inguardians, a security research and consulting firm, and author and lead instructor of the SANS Hacker Exploits and Incident Handling course.

Rob Lee is the curriculum lead instructor for the SANS Institute's computer forensic courses (computer-forensics.sans.org) and a Director at the incident response company Mandiant.

Rohit Dhamankar is a security professional currently involved in independent security research.

Tom Liston is a Senior Security Consultant and Malware Analyst for Inguardians, a handler for the SANS Institute's Internet Storm Center, and co-author of the book Counter Hack Reloaded.

Dr. Eric Cole is an instructor, author and fellow with The SANS Institute. He has written five books, including Insider Threat, and he is a founder with Secure Anchor Consulting.

Mason Brown is one of a very small number of people in the information security field who have held a top management position in a Fortune 50 company (Alcoa). He is leading SANS' global initiative to improve application security.

David Hoelzer is the director of research & principal examiner for Enclave Forensics and a senior fellow with the SANS Technology Institute.

Marcus J. Ranum built the first firewall for the White House and is widely recognized as a security products designer and industry innovator.

Clint Kreitner is the founding President and CEO of The Center for Internet Security.

Brian Honan is an independent security consultant based in Dublin, Ireland.

David Turley is SANS infrastructure manager and serves as production manager and final editor on SANS NewsBites.

Please feel free to share this with interested parties via email, but no posting is allowed on web sites. For a free subscription, (and for free posters) or to update a current subscription, visit http://portal.sans.org/